From owner-freebsd-arch@FreeBSD.ORG Mon Apr 26 11:06:55 2010 Return-Path: Delivered-To: freebsd-arch@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A285B106566C for ; Mon, 26 Apr 2010 11:06:55 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 778C88FC17 for ; Mon, 26 Apr 2010 11:06:55 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id o3QB6t90004087 for ; Mon, 26 Apr 2010 11:06:55 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id o3QB6st8004085 for freebsd-arch@FreeBSD.org; Mon, 26 Apr 2010 11:06:54 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 26 Apr 2010 11:06:54 GMT Message-Id: <201004261106.o3QB6st8004085@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-arch@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-arch@FreeBSD.org X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2010 11:06:55 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/120749 arch [request] Suggest upping the default kern.ps_arg_cache 1 problem total. From owner-freebsd-arch@FreeBSD.ORG Tue Apr 27 17:04:49 2010 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2BB58106566C for ; Tue, 27 Apr 2010 17:04:49 +0000 (UTC) (envelope-from jeremie@le-hen.org) Received: from smtpfb2-g21.free.fr (smtpfb2-g21.free.fr [212.27.42.10]) by mx1.freebsd.org (Postfix) with ESMTP id 95F0D8FC12 for ; Tue, 27 Apr 2010 17:04:46 +0000 (UTC) Received: from smtp5-g21.free.fr (smtp5-g21.free.fr [212.27.42.5]) by smtpfb2-g21.free.fr (Postfix) with ESMTP id E3381CA88F2 for ; Tue, 27 Apr 2010 18:54:40 +0200 (CEST) Received: from smtp5-g21.free.fr (localhost [127.0.0.1]) by smtp5-g21.free.fr (Postfix) with ESMTP id 61F0FD481A0; Tue, 27 Apr 2010 18:54:34 +0200 (CEST) Received: from endor.tataz.chchile.org (tataz.chchile.org [82.233.239.98]) by smtp5-g21.free.fr (Postfix) with ESMTP id 7CE44D4809C; Tue, 27 Apr 2010 18:54:32 +0200 (CEST) Received: from felucia.tataz.chchile.org (felucia.tataz.chchile.org [192.168.1.9]) by endor.tataz.chchile.org (Postfix) with ESMTP id E43CE33D2B; Tue, 27 Apr 2010 16:54:31 +0000 (UTC) Received: by felucia.tataz.chchile.org (Postfix, from userid 1000) id D5F58A11E8; Tue, 27 Apr 2010 16:54:31 +0000 (UTC) Date: Tue, 27 Apr 2010 18:54:31 +0200 From: Jeremie Le Hen To: Alexander Churanov Message-ID: <20100427165431.GQ34466@felucia.tataz.chchile.org> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.20 (2009-06-14) Cc: freebsd-arch@freebsd.org Subject: Re: New "scallhook" feature. Is is OK to create a proposal? X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Apr 2010 17:04:49 -0000 Hi Alexander, On Tue, Apr 06, 2010 at 05:27:29PM +0400, Alexander Churanov wrote: > About me: > > I am software engineer, currently working in Cisco Systems, specializing in > C/C++/UNIX. My additional interests are software quality and security. I am > a port maintainer for devel/boost-* and was participating in extending > syscons driver, until the project was superseded by syscons rewrite by Ed > Schouten. > > About Vladislav: > Vladislav is a PhD of computer science, has experience with developing in C > and C++ for FreeBSD. > > Before writing the full proposal on the wiki, I'd like to receive the first > approval. I don't know what you intend to do after Robert's reply but if you are seeking a kernel-level security improvement to work on, I suggest to look at porting PaX into FreeBSD. Regards, -- Jeremie Le Hen Humans are born free and equal. But some are more equal than others. Coluche From owner-freebsd-arch@FreeBSD.ORG Wed Apr 28 12:20:02 2010 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4E14A106564A for ; Wed, 28 Apr 2010 12:20:02 +0000 (UTC) (envelope-from rwatson@freebsd.org) Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42]) by mx1.freebsd.org (Postfix) with ESMTP id 0CD6B8FC13 for ; Wed, 28 Apr 2010 12:20:02 +0000 (UTC) Received: from lemongrass.sec.cl.cam.ac.uk (lemongrass.sec.cl.cam.ac.uk [128.232.18.47]) by cyrus.watson.org (Postfix) with ESMTPSA id 323EC46B0C; Wed, 28 Apr 2010 08:20:01 -0400 (EDT) Mime-Version: 1.0 (Apple Message framework v1078) From: "Robert N. M. Watson" In-Reply-To: <06D5F9F6F655AD4C92E28B662F7F853E021D4D37@seaxch09.desktop.isilon.com> Date: Wed, 28 Apr 2010 13:19:59 +0100 Message-Id: References: <06D5F9F6F655AD4C92E28B662F7F853E021D4D37@seaxch09.desktop.isilon.com> To: Matthew Fleming X-Mailer: Apple Mail (2.1078) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-arch@freebsd.org Subject: Re: GDC/libdispatch for kernel X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2010 12:20:02 -0000 On 24 Apr 2010, at 20:29, Matthew Fleming wrote: > I have the need for a simple mechanism to farm off work blocks that = will be run on other processors if there is spare compute time, and on = the current CPU if there is not any spare time. >=20 > An example of something I want to do is compute an error correcting = code and a crc32 checksum on a block of data, potentially while also = dealing with system resources so the block can be written to disk. >=20 > I dont want to reinvent the wheel, and the GCD framework looks like it = would provide what I want in dispatch groups run on a parallel queue. = However, theres a lot of things supported in GCD that I dont need (now = and possibly ever). >=20 > Has anyone done any work to support some of the GCD functions in the = kernel? If not, how useful would other people find such a thing? In my = specific instance, I was thinking along the lines of having the idle = thread run a dispatch object off a global queue, setting its priority to = the curthread->td_priority of the thread that initiated the dispatch, in = order to prevent priority inversions. I dont want the farmed off work = to preempt anything else useful the system may have to do, which is why = I was considering the idle threads (or my own threads running at = PRI_MAX_IDLE-1 until they have work). >=20 > However, I dont think this implementation is really in the spirit of = the rest of the GCD architecture. So in addition to wondering if there = is an existing BSD-licensed code to do such a thing, I also am wondering = what direction the community can provide on a few design points to make = this useful both for me and for the general community. >=20 > I will be at BSDCan but I need something usable (for me, at least) = next week to fix some issues at work. >=20 > Meanwhile, one other question I had was regarding the name of all the = dispatch_foo_t objects, which are typedefs of a pointer-to-struct. This = is explicitly frowned upon in style(9), so would it be better to be = consistent with libdispatch names or style(9)? I would tend to assume = style(9) >=20 John Baldwin, George Neville-Neil, and I had a similar GCDish = conversation while I was in NYC over the weekend. I think this topic = calls for a detailed discussion at BSDCan -- there are a number of = complicating issues, not least that C Blocks (closures) require C = runtime changes and perform memory allocation. When I first got involved = in GCD, I commented to Apple that there are marked (but unsurprising) = similarities to existing concurrency frameworks we use in the kernel, = such as netisr/taskqueue/etc for asynchronous work scheduling. However, = the impact of features like Blocks shouldn't be underestimated: they = bring significant code simplicity and correctness benefits that are part = of what makes the GCD model work so well. I think for your immediate needs, a refinement of our notion of = taskqueue might be the best way forward, though, with a more general = discussion of the technologies and approaches in GCD at a later date. Robert= From owner-freebsd-arch@FreeBSD.ORG Sat May 1 13:05:18 2010 Return-Path: Delivered-To: freebsd-arch@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 7D794106564A for ; Sat, 1 May 2010 13:05:18 +0000 (UTC) (envelope-from ed@hoeg.nl) Received: from mx0.hoeg.nl (mx0.hoeg.nl [178.63.0.170]) by mx1.freebsd.org (Postfix) with ESMTP id F3AAC8FC18 for ; Sat, 1 May 2010 13:05:17 +0000 (UTC) Received: by mx0.hoeg.nl (Postfix, from userid 1000) id C487C2A28CFE; Sat, 1 May 2010 14:45:44 +0200 (CEST) Date: Sat, 1 May 2010 14:45:44 +0200 From: Ed Schouten To: freebsd-arch@FreeBSD.org Message-ID: <20100501124544.GR56080@hoeg.nl> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="7aQJ/pUO7E0NVzIB" Content-Disposition: inline User-Agent: Mutt/1.5.20 (2009-06-14) Cc: Subject: [Extension] utmpx and LOGIN_FAILURE X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 May 2010 13:05:18 -0000 --7aQJ/pUO7E0NVzIB Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi all, Some time ago I noticed some operating systems offer an interface called btmp, which is essentially a wtmp for logging failed login attempts. Instead of taking the same approach, I'd rather do something as follows: http://80386.nl/pub/utmpx-login_failure.diff.txt This patch adds a new utmpx log entry type called LOGIN_FAILURE. Unfortunately we are the only operating system that does it this way, but I suspect if we can already get OpenSSH and PAM to use this interface, we've got reasonable coverage. The patch only has the modifications for OpenSSH. An example of what this looks like: | $ last | grep failed | sdlfkjdf mekker.80386.nl Sat May 1 14:14 login failed The idea behind having this, is to make logging of such failed attempts more generic and easier to obtain. It would be quite nice if applications like DenyHosts can simply harvest this database using getutxent(3), instead of using all sorts of regular expressions on the log files. Any thoughts on this subject? --=20 Ed Schouten WWW: http://80386.nl/ --7aQJ/pUO7E0NVzIB Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (FreeBSD) iEYEARECAAYFAkvcIngACgkQ52SDGA2eCwW23gCbBAJ3nyAGxVuvVrCk7fCK9dCd MmMAn3ttAn/Ia2b9w+39ksvUCZxucUm6 =gdUC -----END PGP SIGNATURE----- --7aQJ/pUO7E0NVzIB-- From owner-freebsd-arch@FreeBSD.ORG Sat May 1 19:13:04 2010 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 87C30106568A for ; Sat, 1 May 2010 19:13:04 +0000 (UTC) (envelope-from alexander@leidinger.net) Received: from mail.ebusiness-leidinger.de (mail.ebusiness-leidinger.de [217.11.53.44]) by mx1.freebsd.org (Postfix) with ESMTP id 444858FC1D for ; Sat, 1 May 2010 19:13:04 +0000 (UTC) Received: from outgoing.leidinger.net (pD9E2CFDC.dip.t-dialin.net [217.226.207.220]) by mail.ebusiness-leidinger.de (Postfix) with ESMTPSA id ED045844165; Sat, 1 May 2010 21:12:54 +0200 (CEST) Received: from unknown (unknown [192.168.2.110]) by outgoing.leidinger.net (Postfix) with ESMTP id D58F950BE; Sat, 1 May 2010 21:12:50 +0200 (CEST) Date: Sat, 1 May 2010 21:12:50 +0200 From: Alexander Leidinger To: Ed Schouten Message-ID: <20100501211250.00007a1c@unknown> In-Reply-To: <20100501124544.GR56080@hoeg.nl> References: <20100501124544.GR56080@hoeg.nl> X-Mailer: Claws Mail 3.7.2cvs15 (GTK+ 2.16.0; i586-pc-mingw32msvc) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-EBL-MailScanner-Information: Please contact the ISP for more information X-EBL-MailScanner-ID: ED045844165.B2166 X-EBL-MailScanner: Found to be clean X-EBL-MailScanner-SpamCheck: not spam, spamhaus-ZEN, SpamAssassin (not cached, score=-1.363, required 6, autolearn=disabled, ALL_TRUSTED -1.44, TW_WT 0.08) X-EBL-MailScanner-From: alexander@leidinger.net X-EBL-MailScanner-Watermark: 1273345976.16183@GF7/5SJ3rqpnD2dTnpUnnA X-EBL-Spam-Status: No Cc: freebsd-arch@FreeBSD.org Subject: Re: [Extension] utmpx and LOGIN_FAILURE X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 May 2010 19:13:04 -0000 On Sat, 1 May 2010 14:45:44 +0200 Ed Schouten wrote: > Hi all, > > Some time ago I noticed some operating systems offer an interface > called btmp, which is essentially a wtmp for logging failed login > attempts. Instead of taking the same approach, I'd rather do Does this default to on or off or is this always on? If the later: some kind of a switch (no matter what the default is) would be highly desired. Bye, Alexander. From owner-freebsd-arch@FreeBSD.ORG Sat May 1 20:32:46 2010 Return-Path: Delivered-To: freebsd-arch@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 0E68F106564A for ; Sat, 1 May 2010 20:32:46 +0000 (UTC) (envelope-from ed@hoeg.nl) Received: from mx0.hoeg.nl (mx0.hoeg.nl [178.63.0.170]) by mx1.freebsd.org (Postfix) with ESMTP id C6B3B8FC16 for ; Sat, 1 May 2010 20:32:45 +0000 (UTC) Received: by mx0.hoeg.nl (Postfix, from userid 1000) id 5F5AC2A28D04; Sat, 1 May 2010 22:32:44 +0200 (CEST) Date: Sat, 1 May 2010 22:32:44 +0200 From: Ed Schouten To: Alexander Leidinger Message-ID: <20100501203244.GT56080@hoeg.nl> References: <20100501124544.GR56080@hoeg.nl> <20100501211250.00007a1c@unknown> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="Ims+H+fSKJm6k6PB" Content-Disposition: inline In-Reply-To: <20100501211250.00007a1c@unknown> User-Agent: Mutt/1.5.20 (2009-06-14) Cc: freebsd-arch@FreeBSD.org Subject: Re: [Extension] utmpx and LOGIN_FAILURE X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 May 2010 20:32:46 -0000 --Ims+H+fSKJm6k6PB Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello Alexander, * Alexander Leidinger wrote: > On Sat, 1 May 2010 14:45:44 +0200 Ed Schouten wrote: >=20 > > Hi all, > >=20 > > Some time ago I noticed some operating systems offer an interface > > called btmp, which is essentially a wtmp for logging failed login > > attempts. Instead of taking the same approach, I'd rather do >=20 > Does this default to on or off or is this always on? If the later: some > kind of a switch (no matter what the default is) would be highly > desired. What about adding a switch to last(1) to (un)hide the entries? --=20 Ed Schouten WWW: http://80386.nl/ --Ims+H+fSKJm6k6PB Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (FreeBSD) iEYEARECAAYFAkvcj+wACgkQ52SDGA2eCwWyCQCeLj1bn+oBSgZ6C6hhHIkCl4Fr JJUAmwdeXhyyaII+1eaaRjmtWSuouXqJ =pAGa -----END PGP SIGNATURE----- --Ims+H+fSKJm6k6PB-- From owner-freebsd-arch@FreeBSD.ORG Sat May 1 20:56:43 2010 Return-Path: Delivered-To: freebsd-arch@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 5B075106564A for ; Sat, 1 May 2010 20:56:43 +0000 (UTC) (envelope-from peterjeremy@acm.org) Received: from mail18.syd.optusnet.com.au (mail18.syd.optusnet.com.au [211.29.132.199]) by mx1.freebsd.org (Postfix) with ESMTP id C72BE8FC13 for ; Sat, 1 May 2010 20:56:42 +0000 (UTC) Received: from server.vk2pj.dyndns.org (c122-106-253-149.belrs3.nsw.optusnet.com.au [122.106.253.149]) by mail18.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id o41KuTjs001796 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 2 May 2010 06:56:31 +1000 X-Bogosity: Ham, spamicity=0.000000 Received: from server.vk2pj.dyndns.org (localhost.vk2pj.dyndns.org [127.0.0.1]) by server.vk2pj.dyndns.org (8.14.4/8.14.4) with ESMTP id o41KuQeo088835; Sun, 2 May 2010 06:56:26 +1000 (EST) (envelope-from peter@server.vk2pj.dyndns.org) Received: (from peter@localhost) by server.vk2pj.dyndns.org (8.14.4/8.14.4/Submit) id o41KuQWB088834; Sun, 2 May 2010 06:56:26 +1000 (EST) (envelope-from peter) Date: Sun, 2 May 2010 06:56:26 +1000 From: Peter Jeremy To: Ed Schouten Message-ID: <20100501205625.GB36980@server.vk2pj.dyndns.org> References: <20100501124544.GR56080@hoeg.nl> <20100501211250.00007a1c@unknown> <20100501203244.GT56080@hoeg.nl> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="wq9mPyueHGvFACwf" Content-Disposition: inline In-Reply-To: <20100501203244.GT56080@hoeg.nl> X-PGP-Key: http://members.optusnet.com.au/peterjeremy/pubkey.asc User-Agent: Mutt/1.5.20 (2009-06-14) Cc: Alexander Leidinger , freebsd-arch@FreeBSD.org Subject: Re: [Extension] utmpx and LOGIN_FAILURE X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 May 2010 20:56:43 -0000 --wq9mPyueHGvFACwf Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2010-May-01 22:32:44 +0200, Ed Schouten wrote: >* Alexander Leidinger wrote: >> Does this default to on or off or is this always on? If the later: some >> kind of a switch (no matter what the default is) would be highly >> desired. > >What about adding a switch to last(1) to (un)hide the entries? That doesn't cover the DoS potential of logging this data in the firstplace. --=20 Peter Jeremy --wq9mPyueHGvFACwf Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (FreeBSD) iEYEARECAAYFAkvclXkACgkQ/opHv/APuIdSIgCdENcpu+MMG+w8c9fwuBubC3OH WHIAnA8xFH/2rAo7JpyzZyJ0vNobDIQ3 =xhga -----END PGP SIGNATURE----- --wq9mPyueHGvFACwf-- From owner-freebsd-arch@FreeBSD.ORG Sat May 1 23:58:47 2010 Return-Path: Delivered-To: freebsd-arch@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 898C31065675 for ; Sat, 1 May 2010 23:58:47 +0000 (UTC) (envelope-from ed@hoeg.nl) Received: from mx0.hoeg.nl (mx0.hoeg.nl [178.63.0.170]) by mx1.freebsd.org (Postfix) with ESMTP id 4681D8FC0A for ; Sat, 1 May 2010 23:58:46 +0000 (UTC) Received: by mx0.hoeg.nl (Postfix, from userid 1000) id 3FB4B2A28D04; Sun, 2 May 2010 01:58:46 +0200 (CEST) Date: Sun, 2 May 2010 01:58:46 +0200 From: Ed Schouten To: Peter Jeremy Message-ID: <20100501235846.GU56080@hoeg.nl> References: <20100501124544.GR56080@hoeg.nl> <20100501211250.00007a1c@unknown> <20100501203244.GT56080@hoeg.nl> <20100501205625.GB36980@server.vk2pj.dyndns.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="SpiXHX+fVORj1nzn" Content-Disposition: inline In-Reply-To: <20100501205625.GB36980@server.vk2pj.dyndns.org> User-Agent: Mutt/1.5.20 (2009-06-14) Cc: Alexander Leidinger , freebsd-arch@FreeBSD.org Subject: Re: [Extension] utmpx and LOGIN_FAILURE X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 May 2010 23:58:47 -0000 --SpiXHX+fVORj1nzn Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable * Peter Jeremy wrote: > On 2010-May-01 22:32:44 +0200, Ed Schouten wrote: > >* Alexander Leidinger wrote: > >> Does this default to on or off or is this always on? If the later: some > >> kind of a switch (no matter what the default is) would be highly > >> desired. > > > >What about adding a switch to last(1) to (un)hide the entries? >=20 > That doesn't cover the DoS potential of logging this data in the > firstplace. So how is this covered right now? As far as I know, all of our existing login services write messages to /var/log/*. --=20 Ed Schouten WWW: http://80386.nl/ --SpiXHX+fVORj1nzn Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (FreeBSD) iEYEARECAAYFAkvcwDYACgkQ52SDGA2eCwUUPgCfZYsuRiXSdFvIBzyiZXhuwpg6 tLgAniZkPaS9y+yknAiiwl3JtB5mVs6d =WM6O -----END PGP SIGNATURE----- --SpiXHX+fVORj1nzn--